Geeky songs and stuff from Daniel Davis

Menu

Monthly Archives: August 2012

I have an old hard drive I want to throw away but I don’t want any remaining photos, financial documents or other personal data getting in the wrong hands. In other words, I want to completely and securely wipe the drive. With Linux there are several options and after a bit of research, here’s what I consider the best way.

Firstly, programs such as fdisk, cfdisk or GParted are not sufficient to fully erase data—they just edit a drive’s partition table. What we want is something more thorough. The standard way to do this is to overwrite data on a drive with randomly-generated data. There are several command-line programs to do this (see below for a comparison) but I’ve chosen shred. Its default is three passes (overwriting all data three times) which I’m comfortable with, but you can specify more if you like, e.g. -p 10 for 10 passes.

WARNING! You don’t need me to tell you that accidentally erasing the wrong data could cause you big problems. Please be careful and check, then double-check each command and especially drive name before pressing Enter.

Step 1.
Plug in the hard drive and find its name (sdb, sdc, etc.). Use

dmesg

and look for something like sdb: sdb1

Step 2.
Unmount each partition of the drive (sdb1, sdb2, etc.), e.g.

sudo umount /dev/sdb1

Step 3.
Type the following command for writing random data to the drive three times (default). DON’T PRESS ENTER.

sudo shred -f -v /dev/[your drive name]

Step 4.
Double-check that the drive you’ve specified is the correct one to wipe. OK, now you can press Enter.

Further information

Wiping the drive as explained above is good enough for most purposes but forensic experts have amazing skills and tools at their disposal. It may theoretically still be possible to access some of your deleted data. The most secure way to prevent people accessing any data left on your drive is physically drilling, crushing and breaking up the drive, then disposing of the parts in various locations. And encrypting the drive in the first place with TrueCrypt, for example, is also a good idea.